6618187617678646e77d4e9859138a73ec33623b4728ba7a5de408c51e4315ff | Triage

Submit
Reports

Overview

overview

Static

static

1

6618187617...ff.exe

windows7-x64

6618187617...ff.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6618187617678646e77d4e9859138a73ec33623b4728ba7a5de408c51e4315ff.exe

Resource

win7-20230220-en

blackmoon gh0strat banker persistence rat trojan

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

6618187617678646e77d4e9859138a73ec33623b4728ba7a5de408c51e4315ff.exe

Resource

win10v2004-20230220-en

blackmoon gh0strat banker persistence rat trojan

windows10-2004-x64

17 signatures

150 seconds

General

Target

6618187617678646e77d4e9859138a73ec33623b4728ba7a5de408c51e4315ff
Size

421KB
MD5

6ad7891db85a7aaed99fb139e9bb862d
SHA1

a75afe48d74d8e6288415823ee1900347e8bfbeb
SHA256

6618187617678646e77d4e9859138a73ec33623b4728ba7a5de408c51e4315ff
SHA512

213578deef3808a9e9a58d21aa63189a586829b51da41dcc68625c2dc6861ec7f647d7bd9d8e2f589be18c3cd9e44b9802126ba3af814b9cd57751ca51c7d39f
SSDEEP

6144:uIqVIVeUNiZk4zXX3thxTJ0yy4rlwWvKFwPzcdN72/tUTSiZ29Go/wncTN:9qVIkUNiZfHH9O/wz42FE292nm

Score

1^/10

Malware Config

Signatures

Files

6618187617678646e77d4e9859138a73ec33623b4728ba7a5de408c51e4315ff
.exe windows x86

582b800c16b0b661e8fd1eb75b1f8339

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

OpenClipboard

gdi32

CreateDIBitmap

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

SafeArrayGetDim

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

GetFileTitleA

Sections

.text
Size: 309KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy